Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/42/57a34f-e33b-4e17-bc32-66457724c2d3/1/upfWsGWz6cO0DG0ZS5qlPE1NgzM.roa
File: upfWsGWz6cO0DG0ZS5qlPE1NgzM.roa (raw, json)
Hash identifier: +kITxmsrmYeCYIJ8aUWP3p7RTcxowNAt02p6wEwIq7w=
Subject key identifier: BA:97:D6:B0:65:B3:E9:C3:B4:0C:6D:19:4B:9A:A5:3C:4D:4D:83:33
Certificate issuer: /CN=6f75e4e94b5cb74517b7b01568015da9e6eecdb6
Certificate serial: 01941FFA83BB3D91602517666283140DD499
Authority key identifier: 6F:75:E4:E9:4B:5C:B7:45:17:B7:B0:15:68:01:5D:A9:E6:EE:CD:B6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/b3Xk6Utct0UXt7AVaAFdqebuzbY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/42/57a34f-e33b-4e17-bc32-66457724c2d3/1/upfWsGWz6cO0DG0ZS5qlPE1NgzM.roa
Signing time: Wed 01 Jan 2025 03:48:18 +0000
ROA not before: Wed 01 Jan 2025 03:48:18 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 5065
IP address blocks: 109.111.40.0/22 maxlen: 24
176.221.26.0/23 maxlen: 24
185.65.60.0/24 maxlen: 24
185.65.61.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:1f:fa:83:bb:3d:91:60:25:17:66:62:83:14:0d:d4:99
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6f75e4e94b5cb74517b7b01568015da9e6eecdb6
Validity
Not Before: Jan 1 03:48:18 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=ba97d6b065b3e9c3b40c6d194b9aa53c4d4d8333
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9e:86:cd:a1:e5:e4:c4:d1:68:2f:f9:bc:a2:b4:
00:9e:1f:5a:95:6f:22:2c:18:6c:94:3a:ae:75:e3:
a4:e2:af:40:43:79:d7:87:b3:3e:c3:1d:20:27:55:
0c:7b:21:1d:c7:cf:68:0d:29:fd:d9:c9:8c:ad:45:
0c:4d:42:d2:ce:f6:54:e5:35:6e:85:67:75:68:62:
05:0d:f9:13:a4:03:51:7a:8f:ad:ab:7f:c3:7a:a6:
82:3b:d5:9e:9c:17:d6:02:f6:f7:33:ee:f7:ae:58:
e7:51:7c:4a:56:87:02:14:fa:b4:cb:83:84:bd:76:
ef:b8:0f:88:b0:4c:27:af:9d:f1:a0:df:69:9f:ee:
76:4c:13:df:f8:ab:54:40:7e:a4:40:9c:28:0f:c6:
9b:56:a7:41:d7:39:e9:5c:28:10:ce:1d:e0:88:6e:
f4:d8:dd:60:2a:8d:83:03:bd:7d:7e:2b:7e:eb:10:
ba:01:b5:e7:92:ab:86:d5:c6:aa:e4:16:c2:aa:33:
b1:9b:50:37:1f:fa:0c:10:af:7a:42:95:a9:4a:5b:
d3:1e:af:ed:62:8f:ea:d3:a3:fc:8e:86:96:ed:a8:
a1:b3:95:b5:9c:c2:63:b5:bd:d9:1a:56:02:0b:f8:
c1:35:7d:7f:3e:d1:68:1b:8b:87:aa:2b:bc:4f:62:
3b:79
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BA:97:D6:B0:65:B3:E9:C3:B4:0C:6D:19:4B:9A:A5:3C:4D:4D:83:33
X509v3 Authority Key Identifier:
keyid:6F:75:E4:E9:4B:5C:B7:45:17:B7:B0:15:68:01:5D:A9:E6:EE:CD:B6
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/b3Xk6Utct0UXt7AVaAFdqebuzbY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/42/57a34f-e33b-4e17-bc32-66457724c2d3/1/upfWsGWz6cO0DG0ZS5qlPE1NgzM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/42/57a34f-e33b-4e17-bc32-66457724c2d3/1/b3Xk6Utct0UXt7AVaAFdqebuzbY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
109.111.40.0/22
176.221.26.0/23
185.65.60.0/23
Signature Algorithm: sha256WithRSAEncryption
38:fb:04:f9:80:02:bd:0b:39:73:72:50:7a:5a:90:fa:28:a9:
29:bb:ea:09:53:61:db:2c:81:c8:d9:bb:ce:e7:a6:5b:2f:e8:
05:7c:c8:ce:22:87:3d:59:60:73:66:5f:30:02:4e:8d:83:c6:
2e:d9:57:7f:b6:56:dc:ed:84:07:77:94:0d:bb:1c:0a:9e:3e:
6e:63:7a:69:80:0b:82:59:5a:9e:e6:04:fd:30:59:22:0f:5a:
68:64:4a:bc:a8:2e:d1:0e:95:a6:60:d9:61:8a:ce:08:1c:91:
41:8c:33:56:9f:11:79:c5:b9:46:45:63:09:f8:c2:60:6f:c7:
d1:73:aa:6f:fb:e5:08:a4:5d:d6:29:92:a7:25:a5:a1:e5:6e:
75:2f:fe:83:a2:bb:c7:50:6d:41:ce:17:10:86:1e:39:61:14:
11:78:3d:ce:41:a3:d4:98:f7:0e:d6:f7:e3:e6:99:79:95:7e:
ac:f1:a3:3a:f1:a7:f0:f9:b8:24:12:76:58:8a:15:d0:a0:cf:
5e:fd:70:29:4c:c8:17:0a:a8:5e:43:44:3f:5e:03:02:a7:a2:
fc:f8:c6:2f:a2:e5:f7:1e:ee:ee:0a:63:df:2d:d4:86:e5:01:
09:2a:e0:0e:f6:67:dc:86:c4:34:74:65:32:1f:0b:48:b7:b5:
af:b8:62:be
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAZQf+oO7PZFgJRdmYoMUDdSZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZmNzVlNGU5NGI1Y2I3NDUxN2I3YjAxNTY4MDE1ZGE5ZTZl
ZWNkYjYwHhcNMjUwMTAxMDM0ODE4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiYTk3ZDZiMDY1YjNlOWMzYjQwYzZkMTk0YjlhYTUzYzRkNGQ4MzMzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnobNoeXkxNFoL/m8orQAnh9alW8i
LBhslDqudeOk4q9AQ3nXh7M+wx0gJ1UMeyEdx89oDSn92cmMrUUMTULSzvZU5TVu
hWd1aGIFDfkTpANReo+tq3/DeqaCO9WenBfWAvb3M+73rljnUXxKVocCFPq0y4OE
vXbvuA+IsEwnr53xoN9pn+52TBPf+KtUQH6kQJwoD8abVqdB1znpXCgQzh3giG70
2N1gKo2DA719fit+6xC6AbXnkquG1caq5BbCqjOxm1A3H/oMEK96QpWpSlvTHq/t
Yo/q06P8joaW7aihs5W1nMJjtb3ZGlYCC/jBNX1/PtFoG4uHqiu8T2I7eQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFLqX1rBls+nDtAxtGUuapTxNTYMzMB8GA1UdIwQY
MBaAFG915OlLXLdFF7ewFWgBXanm7s22MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYjNYazZVdGN0MFVYdDdBVmFBRmRxZWJ1emJZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Mi81N2EzNGYtZTMzYi00ZTE3LWJjMzIt
NjY0NTc3MjRjMmQzLzEvdXBmV3NHV3o2Y08wREcwWlM1cWxQRTFOZ3pNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Mi81N2EzNGYtZTMzYi00ZTE3LWJjMzItNjY0NTc3MjRjMmQz
LzEvYjNYazZVdGN0MFVYdDdBVmFBRmRxZWJ1emJZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQCbW8oAwQB
sN0aAwQBuUE8MA0GCSqGSIb3DQEBCwUAA4IBAQA4+wT5gAK9CzlzclB6WpD6KKkp
u+oJU2HbLIHI2bvO56ZbL+gFfMjOIoc9WWBzZl8wAk6Ng8Yu2Vd/tlbc7YQHd5QN
uxwKnj5uY3ppgAuCWVqe5gT9MFkiD1poZEq8qC7RDpWmYNlhis4IHJFBjDNWnxF5
xblGRWMJ+MJgb8fRc6pv++UIpF3WKZKnJaWh5W51L/6DorvHUG1BzhcQhh45YRQR
eD3OQaPUmPcO1vfj5pl5lX6s8aM68afw+bgkEnZYihXQoM9e/XApTMgXCqheQ0Q/
XgMCp6L8+MYvouX3Hu7uCmPfLdSG5QEJKuAO9mfchsQ0dGUyHwtIt7WvuGK+
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:20:24 2025 by rpki-client